NO SPONSORSHIP Business Continuity Specialist SALARY: $75k - $90K PLUS 10% BONUS LOCATION: AUSTIN, TX HYBRID 3 DAYS ONSITE, 2 DAYS REMOTE Looking for a candidate to focus on all the business continuity globally (not just IT). Risk assessments, business impact, change management, audit management. You will also do planning and scheduling of business continuity exercises and disaster recovery planning crisis' managing bc/dr resumption planning The Business Continuity (BC) Specialist I supports the implementation and development of a comprehensive business continuity strategy and programs, plans, and toolsets that support response, develop resiliency, and enable recovery from events that disrupt business operations. Uses the established framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance and updates. Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices. Participate and complete Risk Assessments to identify inadequate strategies and concerns with associated remediation tactics for project sponsors. Facilitate the completion of Business Impact Analysis through survey development, roundtable discussions and best practice methodology reporting. Ensure appropriate plans, procedures and supplemental documentation is properly maintained and readily available. Plan and schedule all Business Continuity exercises. Coordinate ongoing Business Continuity awareness and training sessions that reinforce familiarity with roles/responsibilities and plan procedures. Analyze weekly and monthly metrics, benchmark milestones, and program progress to the Business Continuity sponsors and leadership. Qualifications & Requirements Bachelor's degree Minimum of 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Proven competency in the timely management and execution of large projects. Administrator level skill with Emergency Notification Systems and similar planning applications. Good strategic, problem solving, and analytical skills. Strong communication skills; presentation, verbal and written. Ability to collaborate with others to develop an emergency plan. Strong knowledge of technology and business concepts, life cycles and processes. Hands-on experience implementing business continuity management software is a plus.
28/03/2024
Full time
NO SPONSORSHIP Business Continuity Specialist SALARY: $75k - $90K PLUS 10% BONUS LOCATION: AUSTIN, TX HYBRID 3 DAYS ONSITE, 2 DAYS REMOTE Looking for a candidate to focus on all the business continuity globally (not just IT). Risk assessments, business impact, change management, audit management. You will also do planning and scheduling of business continuity exercises and disaster recovery planning crisis' managing bc/dr resumption planning The Business Continuity (BC) Specialist I supports the implementation and development of a comprehensive business continuity strategy and programs, plans, and toolsets that support response, develop resiliency, and enable recovery from events that disrupt business operations. Uses the established framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance and updates. Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices. Participate and complete Risk Assessments to identify inadequate strategies and concerns with associated remediation tactics for project sponsors. Facilitate the completion of Business Impact Analysis through survey development, roundtable discussions and best practice methodology reporting. Ensure appropriate plans, procedures and supplemental documentation is properly maintained and readily available. Plan and schedule all Business Continuity exercises. Coordinate ongoing Business Continuity awareness and training sessions that reinforce familiarity with roles/responsibilities and plan procedures. Analyze weekly and monthly metrics, benchmark milestones, and program progress to the Business Continuity sponsors and leadership. Qualifications & Requirements Bachelor's degree Minimum of 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Proven competency in the timely management and execution of large projects. Administrator level skill with Emergency Notification Systems and similar planning applications. Good strategic, problem solving, and analytical skills. Strong communication skills; presentation, verbal and written. Ability to collaborate with others to develop an emergency plan. Strong knowledge of technology and business concepts, life cycles and processes. Hands-on experience implementing business continuity management software is a plus.
NO SPONSORSHIP Business Continuity Specialist SALARY: $75k - $90K PLUS 10% BONUS LOCATION: AUSTIN, TX HYBRID 3 DAYS ONSITE, 2 DAYS REMOTE Looking for a candidate to focus on all the business continuity globally (not just IT). Risk assessments, business impact, change management, audit management. You will also do planning and scheduling of business continuity exercises and disaster recovery planning crisis' managing bc/dr resumption planning The Business Continuity (BC) Specialist I supports the implementation and development of a comprehensive business continuity strategy and programs, plans, and toolsets that support response, develop resiliency, and enable recovery from events that disrupt business operations. Uses the established framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance and updates. Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices. Participate and complete Risk Assessments to identify inadequate strategies and concerns with associated remediation tactics for project sponsors. Facilitate the completion of Business Impact Analysis through survey development, roundtable discussions and best practice methodology reporting. Ensure appropriate plans, procedures and supplemental documentation is properly maintained and readily available. Plan and schedule all Business Continuity exercises. Coordinate ongoing Business Continuity awareness and training sessions that reinforce familiarity with roles/responsibilities and plan procedures. Analyze weekly and monthly metrics, benchmark milestones, and program progress to the Business Continuity sponsors and leadership. Qualifications & Requirements Bachelor's degree Minimum of 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Proven competency in the timely management and execution of large projects. Administrator level skill with Emergency Notification Systems and similar planning applications. Good strategic, problem solving, and analytical skills. Strong communication skills; presentation, verbal and written. Ability to collaborate with others to develop an emergency plan. Strong knowledge of technology and business concepts, life cycles and processes. Hands-on experience implementing business continuity management software is a plus.
28/03/2024
Full time
NO SPONSORSHIP Business Continuity Specialist SALARY: $75k - $90K PLUS 10% BONUS LOCATION: AUSTIN, TX HYBRID 3 DAYS ONSITE, 2 DAYS REMOTE Looking for a candidate to focus on all the business continuity globally (not just IT). Risk assessments, business impact, change management, audit management. You will also do planning and scheduling of business continuity exercises and disaster recovery planning crisis' managing bc/dr resumption planning The Business Continuity (BC) Specialist I supports the implementation and development of a comprehensive business continuity strategy and programs, plans, and toolsets that support response, develop resiliency, and enable recovery from events that disrupt business operations. Uses the established framework and methodology to manage all business continuity life cycle activities, including risk assessment, business impact analysis, strategy development, implementation, testing and review, plan maintenance and updates. Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices. Participate and complete Risk Assessments to identify inadequate strategies and concerns with associated remediation tactics for project sponsors. Facilitate the completion of Business Impact Analysis through survey development, roundtable discussions and best practice methodology reporting. Ensure appropriate plans, procedures and supplemental documentation is properly maintained and readily available. Plan and schedule all Business Continuity exercises. Coordinate ongoing Business Continuity awareness and training sessions that reinforce familiarity with roles/responsibilities and plan procedures. Analyze weekly and monthly metrics, benchmark milestones, and program progress to the Business Continuity sponsors and leadership. Qualifications & Requirements Bachelor's degree Minimum of 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation is required. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Proven competency in the timely management and execution of large projects. Administrator level skill with Emergency Notification Systems and similar planning applications. Good strategic, problem solving, and analytical skills. Strong communication skills; presentation, verbal and written. Ability to collaborate with others to develop an emergency plan. Strong knowledge of technology and business concepts, life cycles and processes. Hands-on experience implementing business continuity management software is a plus.
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
26/03/2024
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid 3 days onsite 2 days remote* A prestigious company is looking for an IT Security GRC Specialist. This specialist will be the SME for information security GRC and will perform key risk management functions within the security governance department. They will do 3rd party vendor risk management and internal risk management. Experience with frameworks ISO 27001, NIST, SOC, SIG is required. Responsibilities: Management of process improvement, control maturity, and communication of risk throughout assigned GRC service activities. Level II responsibilities include incorporating ISO 27001 principles for continuous improvement throughout all services and support activities. Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Exception management, processing and tracking requests for exception to security controls. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Ensures security awareness training is aligned, defined, and executed. Evaluation of cyber training/education courses and methods based on instructional needs. Administration of the GRC technology platforms. Qualifications Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Technical writing experience is required. Experience with instructional content educational writing strongly preferred. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline, and procedure documents. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is on the search for an Application Security Engineer. This engineer will design, develop, build, configure, and test security applications. They will secure and administer the security applications. Security Applications needed: RSA Archer C-Cure, CrowdStrike, CyberArc, Active Directory, etc. Responsibilities: Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders. Staying updated with the latest trends and developments in application security. Adhere to the Firm's Security and Governance requirements across all administered applications. Collaborate with professionals at all levels of the organization. Utilize SQL query tools to perform frequent data analysis across various systems, providing clear and accurate data to business users. Adhere to the Firm's IT Service Delivery standards and Change Control processes. Develop and maintain troubleshooting and configuration documentation for administered systems. Provide 24x7 operational support. On-call support responsibilities are rotated among the members of the Applications team. Qualifications The Applications Engineer 2 must have a BA/BS in computer science, related field, or equivalent experience with 5+ years' experience in cloud computing, security engineering, system administration, or a similar role Proficiency in various programming languages, tools, and frameworks used for development and security. Knowledge of security concepts, principles, standards, and best practices. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience in using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Technologies/Software Microsoft SQL Server Microsoft SQL Server Reporting Services Microsoft Active Directory Microsoft Internet Information Services Windows Server and Desktop operating system environments. IAM/Password Management Hitachi CyberArc/Delenia LastPas Other Items looking for CCure (card readers) Exaqvsion RSA Archer Crowdstrike MIR3 Emergency Notification System Administration/knowledge Windows Sever Active Directory Firewall SQL Management Studio/SQL Queries
26/03/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is on the search for an Application Security Engineer. This engineer will design, develop, build, configure, and test security applications. They will secure and administer the security applications. Security Applications needed: RSA Archer C-Cure, CrowdStrike, CyberArc, Active Directory, etc. Responsibilities: Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders. Staying updated with the latest trends and developments in application security. Adhere to the Firm's Security and Governance requirements across all administered applications. Collaborate with professionals at all levels of the organization. Utilize SQL query tools to perform frequent data analysis across various systems, providing clear and accurate data to business users. Adhere to the Firm's IT Service Delivery standards and Change Control processes. Develop and maintain troubleshooting and configuration documentation for administered systems. Provide 24x7 operational support. On-call support responsibilities are rotated among the members of the Applications team. Qualifications The Applications Engineer 2 must have a BA/BS in computer science, related field, or equivalent experience with 5+ years' experience in cloud computing, security engineering, system administration, or a similar role Proficiency in various programming languages, tools, and frameworks used for development and security. Knowledge of security concepts, principles, standards, and best practices. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience in using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Technologies/Software Microsoft SQL Server Microsoft SQL Server Reporting Services Microsoft Active Directory Microsoft Internet Information Services Windows Server and Desktop operating system environments. IAM/Password Management Hitachi CyberArc/Delenia LastPas Other Items looking for CCure (card readers) Exaqvsion RSA Archer Crowdstrike MIR3 Emergency Notification System Administration/knowledge Windows Sever Active Directory Firewall SQL Management Studio/SQL Queries
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Security Applications Infrastructure Engineer Candidate will use technical guidance and engineering best practices to securely build and scale security applications within the firm's environments. This position requires a blend of functional understanding with technical proficiency to deliver leadership, guidance and innovative solutions to meet the business needs of our organization. The position is responsible for building, maintaining, upgrading, and continuously improving security applications. Responsibilities: Apply high-level technical expertise and problem-solving skills to maintain and improve the Firm's Security applications. Investigates operational or systematic problems and provides resolution using routine analytical skills and tools as necessary. Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders. Staying updated with the latest trends and developments in application security. Adhere to the Firm's Security and Governance requirements across all administered applications. Collaborate with professionals at all levels of the organization. Utilize SQL query tools to perform frequent data analysis across various systems, providing clear and accurate data to business users. Adhere to the Firm's IT Service Delivery standards and Change Control processes. Develop and maintain troubleshooting and configuration documentation for administered systems. Provide 24x7 operational support. On-call support responsibilities are rotated among the members of the Applications team. Qualifications: The Applications Engineer 2 must have a BA/BS in computer science, related field, or equivalent experience with 5+ years' experience in cloud computing, security engineering, system administration, or a similar role Proficiency in various programming languages, tools, and frameworks used for development and security. Knowledge of security concepts, principles, standards, and best practices. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience in using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Strong problem-solving, analytical, and communication skills The ideal candidate must have good judgment, problem-solving, oral, written and interpersonal communication skills, as well as the ability to work in a fast-paced environment and build positive working relationships. In addition, candidates must be self-motivated, organized, and able to multi-task and effectively prioritize competing demands. Technologies/Software Microsoft SQL Server Microsoft SQL Server Reporting Services Microsoft Active Directory Microsoft Internet Information Services Windows Server and Desktop operating system environments.
26/03/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a Senior Security Applications Infrastructure Engineer Candidate will use technical guidance and engineering best practices to securely build and scale security applications within the firm's environments. This position requires a blend of functional understanding with technical proficiency to deliver leadership, guidance and innovative solutions to meet the business needs of our organization. The position is responsible for building, maintaining, upgrading, and continuously improving security applications. Responsibilities: Apply high-level technical expertise and problem-solving skills to maintain and improve the Firm's Security applications. Investigates operational or systematic problems and provides resolution using routine analytical skills and tools as necessary. Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders. Staying updated with the latest trends and developments in application security. Adhere to the Firm's Security and Governance requirements across all administered applications. Collaborate with professionals at all levels of the organization. Utilize SQL query tools to perform frequent data analysis across various systems, providing clear and accurate data to business users. Adhere to the Firm's IT Service Delivery standards and Change Control processes. Develop and maintain troubleshooting and configuration documentation for administered systems. Provide 24x7 operational support. On-call support responsibilities are rotated among the members of the Applications team. Qualifications: The Applications Engineer 2 must have a BA/BS in computer science, related field, or equivalent experience with 5+ years' experience in cloud computing, security engineering, system administration, or a similar role Proficiency in various programming languages, tools, and frameworks used for development and security. Knowledge of security concepts, principles, standards, and best practices. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience in using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Strong problem-solving, analytical, and communication skills The ideal candidate must have good judgment, problem-solving, oral, written and interpersonal communication skills, as well as the ability to work in a fast-paced environment and build positive working relationships. In addition, candidates must be self-motivated, organized, and able to multi-task and effectively prioritize competing demands. Technologies/Software Microsoft SQL Server Microsoft SQL Server Reporting Services Microsoft Active Directory Microsoft Internet Information Services Windows Server and Desktop operating system environments.
Security Application Engineer Salary: Open + Bonus Location: Chicago, IL/Austin, TX/Houston, TX/Dallas, TX Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications BA/BS in computer science, related field, or equivalent experience 5+ years' experience in cloud computing, security engineering, system administration, etc. Proficiency in various programming languages, tools, and frameworks used for development and security. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Bonus Points IAM/Password Management - Hitachi, CyberArk/Delenia, LastPass Administration/knowledge - Windows Sever, Active Directory, Firewall, SQL Management Studio/SQL Queries Other - CCure (card readers), Exaqvsion, RSA Archer, CrowdStrike, MIR3 Emergency Notification System Responsibilities Apply high-level technical expertise and problem-solving skills to maintain and improve company Security applications. Investigates operational or systematic problems and provides resolution using routine analytical skills and tools as necessary. Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders.
26/03/2024
Full time
Security Application Engineer Salary: Open + Bonus Location: Chicago, IL/Austin, TX/Houston, TX/Dallas, TX Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications BA/BS in computer science, related field, or equivalent experience 5+ years' experience in cloud computing, security engineering, system administration, etc. Proficiency in various programming languages, tools, and frameworks used for development and security. Familiarity with various cloud platforms and services such as AWS, Azure, Google Cloud, etc. Experience using security tools and technologies such as IAM, encryption, Firewall, VPN, etc. Bonus Points IAM/Password Management - Hitachi, CyberArk/Delenia, LastPass Administration/knowledge - Windows Sever, Active Directory, Firewall, SQL Management Studio/SQL Queries Other - CCure (card readers), Exaqvsion, RSA Archer, CrowdStrike, MIR3 Emergency Notification System Responsibilities Apply high-level technical expertise and problem-solving skills to maintain and improve company Security applications. Investigates operational or systematic problems and provides resolution using routine analytical skills and tools as necessary. Testing, and deploying security application solutions using various platforms and technologies. Implementing and enforcing security policies, standards, and best practices. Identifying and mitigating risks and threats to the security application systems. Developing new features and enhancements that meet changing security needs. Managing and monitoring security applications. Providing technical support and guidance to other teams and stakeholders.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
22/03/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
NO SPONSORSHIP Security GRC Specialist II Salary: $120k to $140k Flex plus Bonus Misc. Info: Hybrid 3 days onsite 2 days remote Selling Point: Must have great soft skills, be able to articulate and have good documentation skills. Enterprise GRC lots of 3rd party along with internal ISO NIST SOC SIG The Security GRC Specialist II serves on the Governance, Risk Compliance (GRC) team, leads and executes assigned services within the GRC team. Specialist II is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Third-party vendor management : Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Qualifications & Requirements Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Strong knowledge ISO 27001, NIST, SOC, SIG is required. Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management
22/03/2024
Full time
NO SPONSORSHIP Security GRC Specialist II Salary: $120k to $140k Flex plus Bonus Misc. Info: Hybrid 3 days onsite 2 days remote Selling Point: Must have great soft skills, be able to articulate and have good documentation skills. Enterprise GRC lots of 3rd party along with internal ISO NIST SOC SIG The Security GRC Specialist II serves on the Governance, Risk Compliance (GRC) team, leads and executes assigned services within the GRC team. Specialist II is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Third-party vendor management : Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. This service also provides contract review for security requirements. Qualifications & Requirements Bachelor's degree or five (5) years of work experience in IT Security is required. Four (4) years of Information Security experience required. Strong knowledge ISO 27001, NIST, SOC, SIG is required. Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Strong knowledge of risk management principles and practices are required. Strong knowledge of security administration and role-based security controls are required. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
22/03/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Business Continuity Analyst Salary: open + bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Administrator level skill with Emergency Notification Systems and similar planning applications. Hands-on experience implementing business continuity management software is a plus. Responsibilities Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices.
19/03/2024
Full time
Business Continuity Analyst Salary: open + bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 2 years practical experience in Business Continuity regarding the development of plans, procedures, strategies, risk assessments, business impact analysis, audit reviews, and exercise facilitation. Experience in Business Resumption Planning, Crisis Management Planning, Incident Response Planning, Disaster Recovery Planning, Plan Exercising/Testing, Conducting BIAs. Experience in performing BC audits or in managing and coordinating the response to a major, unplanned disruptive event that required activation of the BC/DR/Incident or Crisis Management Plans. Proficient with Microsoft Office Suite or related software. Administrator level skill with Emergency Notification Systems and similar planning applications. Hands-on experience implementing business continuity management software is a plus. Responsibilities Supports the management and delivery of the program that addresses business recovery and emergency response management. Maintain the planning, governance, implementation, maintenance, and execution of Business Continuity components. Work with critical process leaders to ensure that policies, plans, procedures, and strategies effectively provide the recovery framework for restoration of critical processes that meet or exceed business demand. Coordinate the development and maintenance of comprehensive Business Impact Analyses (BIA), Risk Assessments, Change Management, and Audit Management program components. Provide input and integrate policies, guidelines, and controls to govern program effectiveness and alignment with industry best practices.